<?php
include_once 'koneksi.php';
class Auth
{
    private $id_user;
    private $password;
	private $koneksi;
	
	public function __construct ()
	{
		$this-> koneksi = new Koneksi();
	}

    public function login($id_user, $password)
    {
        $password = md5($password);
		$this->id_user = mysql_real_escape_string($id_user);
        $this->password = mysql_real_escape_string($password);
        $this->koneksi->_connect();
        $query = "SELECT id_user as id_user, password as password
                    FROM user
                    WHERE id_user = '$this->id_user'";
        $result = mysql_query($query, $this-> koneksi -> db);
		$user = mysql_fetch_assoc($result);
		$this->koneksi->_close();
        if(($user["id_user"]=="") or ($user["password"]=="")){
			$pesan = "harap isi kolom username dan password";
			return false;
		}  else if (($user["id_user"]==$this->id_user) and ($user["password"]!==$this->password)){
			$pesan = "password anda salah";
			return false;
		} else if (($user["id_user"]!==$this->id_user) and ($user["password"]==$this->password)){
			$pesan = "username anda salah";
			return false;
		} else if (($user["id_user"]==$this->id_user) and ($user["password"]==$this->password)){
			session_start();
		 	$_SESSION["id_user"] = $id_user;
            return true;
        } else {
        	return false;
		}
    }
	
	public function logout () 
	{
		session_start();
		session_destroy();
	}
}
